First published: Tue Feb 25 2025(Updated: )
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper VideoWhisper Live Streaming Integration allows Path Traversal. This issue affects VideoWhisper Live Streaming Integration: from n/a through 6.2.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress VideoWhisper Live Streaming Integration plugin | >n/a<=6.2 | |
VideoWhisper Live Streaming Integration | <=6.2 |
Update the WordPress VideoWhisper Live Streaming Integration wordpress plugin to the latest available version (at least 6.2.1).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-26752 has been rated as a critical severity due to its potential for exploitation via path traversal.
To fix CVE-2025-26752, update the VideoWhisper Live Streaming Integration plugin to version 6.3 or later.
CVE-2025-26752 is caused by improper limitation of a pathname that allows attackers to bypass directory restrictions.
Exploitation of CVE-2025-26752 can lead to unauthorized access to sensitive files on the server.
CVE-2025-26752 affects all versions of VideoWhisper Live Streaming Integration from n/a through 6.2.